The Optimization Research On Network Intrusion Anomaly Detection Algorithm Based On DBSCAN And LOF

With the development of society informatization,people's daily life and work have been greatly improved.Meanwhile,the network security issues have become critically prominent because of an endless stream of attacks.However,the adaptability of intrusion detection system and the effect of intrusion detection are not ideal.Therefore.it is urgent to carry on the innovation to the intrusion detection method.Outlier mining can transform the process of network intrusion detection into the corresponding data analysis and mining process,which can effectively improve the performance of intrusion detection system.And the recognition criterion of intrusion behavior is to identify the rare data which is different from the general data or pattern from the data set,which provides a theoretical basis for the research and application of outlier identification in Intrusion Detection.Based on the study of algorithm on the optimization of innovative research respectively,this paper selects the DBSCAN algorithm and the LOF algorithm as the research objects.At the same time,this paper puts forward a new optimization algorithm based on an integrated optimization algorithm of DBSCAN and LOF,and constructs a network intrusion anomaly detection mode based on the optimization algorithm.Then,using the experimental method to prove that three kinds of optimization algorithms are improved to some extent in two aspects:detection rate and false alarm rate.And the new integrated optimization algorithm has the best effect in network intrusion anomaly detection,which has the characteristics of low false alarm rate and high detection rate.The general structure of this paper includes:Firstly,this paper will study the basic theories of network intrusion detection and outlier detection,focus on the development and current research status of network intrusion detection and outlier mining methods,expound both advantages and disadvantages of different methods,and introduce the research status of outlier mining in network intrusion detection.Secondly,this paper will analyze and study the traditional DBSCAN and LOF algorithm.Aiming at the lack of parameter sensitivity of the algorithm,it will take the way of getting initial parameters of the algorithm as the starting point of the expansion optimization study.In order to improve the outlier recognition performance of the algorithm and further research on the integrated optimization of the improved algorithm.It develops a new algorithm for network intrusion detection based on DBSCAN and LOF.Thirdly,by analyzing the general model of network intrusion detection,this paper will construct a network intrusion detection model based on outlier detection,which uses the improved network intrusion detection algorithm.Fourthly,it uses the KDD_CUP99 network dataset to test the performance of intrusion detection algorithm,and applies the detection rate and false detection rate of these two indicators to compare the performance of the algorithm optimization before and after.The experiment is divided into two categories:one is DBSCAN and LOF algorithm optimization before and after the intrusion detection effect comparison experiment;the other is based on DBSCAN and LOF optimization integration algorithm,DBSCAN optimization algorithm and LOF optimization algorithm between the three intrusion detection effect comparison experiment.In this paper,the network intrusion detection algorithm based on DBSCAN and LOF can effectively improve the reliability of intrusion detection system,which is of great significance to the research of intrusion detection technology based on Outlier Mining.